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DETAILED ACTION 



This action is in response to Applicant's amendment and request for 
reconsideration filed on October 26, 2001. Claims 1, 3-5, 7-11, 14, 15, 17-25, and 28- 
49 are presented for further examination. 



The following is a quotation of the first paragraph of 35 U.S.C. 112: 

The specification shall contain a written description of the invention, and of the manner and process of 
making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the 
art to which it pertains, or with which it is most nearly connected, to make and use the same and shall 
set forth the best mode contemplated by the inventor of carrying out his invention. 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

1 . Claims 1-49 are rejected under 35 U.S.C. 112, first paragraph, as containing 
subject matter which was not described in the specification in such a way as to 
reasonably convey to one skilled in the relevant art that the inventor(s), at the time the 
application was filed, had possession of the claimed invention. 

In considering claims 1-49, all of the independent claims - 1, 15, 31, 35, 37, 39, 
41, 42, 44, 46, 47, and 49 - include limitations that were not described in the 
specification at the time the application was filed. The specification describes two 
separate processes. One process involves access requests received from users. 
When a user makes a request to access a resource, the system determines whether the 
user may obtain access to the resource by checking an access cache. See 
Specification, p. 16-18; Fig. 5. The other, separate, process involves flushing the cache 
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if particular access rights or resources have changed. On a regular, periodic basis, the 
system will check if certain access rights, resources, or access lists have changed, and 
if they have, the access cache will be flushed of all related access permissions from the 
cache. See Specification, p. 18-19; Fig. 6. These two processes operate on some of 
the same data, but they are separate processes that occur independently of each other. 

Each of the independent claims essentially combines these two separate steps 
into a single, if-then-else routine stemming from a single access request. For instance, 
claim 37 describes that a server first receives a request for a resource, then checks a 
memory to determine whether certain parameters have changed, then, if the 
parameters have changed, the cache memory relating to the user and resource is 
flushed, but if the parameters have not changed, the system goes on to determine 
whether a similar request has been previously granted and grants access if the 
determination is affirmative. However, as explicitly stated in the specification, the steps 
of checking for alterations and flushing the cache occur on a regular, periodic basis. 
These steps occur separately from any access requests, and there is no routine 
described in the specification that combines these two separate features. As stated 
above, one process receives access requests and responds accordingly, while the other 
process periodically checks for resource or access rights alterations and responds to 
that determination accordingly. On step does not occur as a result of the other, as 
claimed. 
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Therefore, because the claims include new matter that was not described in the 
specification at the time the application was filed, these claims must be canceled from 
the application, or appropriately corrected. 



2. Claims 1-49 are rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

In considering claims 1-36 and 41, the independent claims - 1, 15, 31, 35, and 
41 - all include language that is indefinite. All of these claims include if-then-else 
statements that do not logically flow from the preceding claim language. For instance, 
claims 1 recites the following: 

"Checking a first memory ... to determine: 

if [one of three criteria is met], then removing any access permissions from 

the first memory ... 

else, if the first memory indicates that the user has previously accessed 

the resource, then providing the user with access to the requested resource." 
The step of "determining" should not include within it steps of removing or providing 
access to a user. Perhaps the result of the determination step would be to provide 
access, but these claims, as presently worded, actually include the removing and 
providing steps as part of the determination step. Therefore, claims 1, 15, 31, 35, and 
41 , and all claims depending therefrom must be canceled from the application or 
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appropriately corrected. Note: as an example of language that is not indefinite in this 
respect, see claim 39. 

In considering claims 37-40, 42-49, the independent claims - 37, 39, 42, 44, 46, 
47, and 49 - include language that is unclear. Each of these claims requires a step of 
checking if "the user is/was logically present." It is unclear as to how an actual user can 
be logically present in a cache. Perhaps the claims intended to mean checking if a 
representation of the user is/was present in the cache, as recited in claims 1, 15, 31, 
and other independent claims. Nonetheless, claims 37, 39, 42, 44, 46, 47, and 49, and 
all claims depending therefrom, as presently stated are unclear, and must be canceled 
from the application or appropriately corrected. 



The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 



3. Claims 1, 3, 7-11, 14, 15, 17, 20-25, and 28-49, as understood, are rejected 
under 35 U.S.C. 103(a) as being unpatentable over Wobber et al. (U.S. Patent No. 
5,235,642, hereinafter "Wobber"). 

For the purposes of these claims, Examiner has interpreted the claims as 
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including the two separate functions of (1) authenticating users who have or have not 
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previously accessed the resources, and (2) flushing the cache of access permissions if 
particular system settings are altered. 

In considering claims 1,15, and 31, Wobber discloses a system for a computer- 
implemented method, comprising: 

means for checking a first memory (local cache 164) to determine if a user has 
previously accessed a requested resource on a computer network without performing a 
file open procedure upon a file which are stored any access permissions of users for 
access to the resource (col. 7, lines 32-36), upon receipt of an indication from the user 
to access the resource (col. 7, lines 22-24); and 

providing the user with access to the resource if the first memory indicates that 
the user has previously accessed the resource (col. 8, lines 31-35). 

See also, the Abstract and Summary of the invention. 

However, Wobber does not explicitly disclose the steps of determining if (1) the 
requested resource is altered, or (2) a representation of the user has been removed 
from the first memory, or (3) any of the access permissions of the user for access to the 
requested resource are altered; and if any one of those three criteria is satisfied, then 
removing the relevant access permissions from the memory. Instead, Wobber 
proposes a time stamp for removing validity of the access rights from the cache (col. 6, 
lines 21-22). Nonetheless, Examiner takes official notice that removing user access 
rights to a network resource when the resource is altered, or when access permissions 
have changed is notoriously well known in the art. A person having ordinary skill in the 
art would have readily recognized the desirability and advantages of removing access 
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permissions to the resources taught by Wobber not only when the time stamp expires, 
but also when the resources are altered or access rights have changed, in case the 
altered resources include classified information which should not be viewed by current 
users, or the current users have been demoted from classified status and should no 
longer have access to classified information. Thus, it would have been obvious to a 
person having ordinary skill in the art to remove user access rights to the resources 
taught by Wobber when resources or access permissions are altered. 

In considering claims 3 and 17, Wobber further discloses that the user is 
represented in the first memory by a token (Auth ID, col. 7, lines 34-38). 

In considering claims 7 and 21 , Wobber further discloses that the resource is a 
file (col. 4, line 21). 

In considering claims 8 and 22, Wobber further discloses that the resource is a 
volume of files (col. 4, line 21 ). 

In considering claims 9 and 23, Wobber fails to explicitly disclose that the 
resource is a memory device (see col. 4, lines 21-24). However, Examiner takes official 
notice that it is well known for networking systems to control access to memory devices, 
as well as for software objects. Thus, it would have been obvious to a person having 
ordinary skill in the art to use the access control system taught by Wobber for 
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networked memory devices in order to speed up the authorization process for access 
requests made to such memory devices. 

In considering claims 10 and 24, although the system taught by Wobber 
discloses substantial features of the claimed invention, it fails to explicitly disclose 
storing of the information in the first memory comprising overwriting other information 
associated with the resource in the first memory. Nonetheless, Examiner takes official 
notice that it is well known in a network resource access system that authentication 
information is often changed and can thus be overwritten. One reason to change 
authentication information is to prevent tampering of the protected resources. 
Therefore, given the likelihood of tampering, it would have been obvious to a person 
having ordinary skill in the art to overwrite the token (Auth ID) taught by Wobber with a 
new token submitted from the user to help prevent security breaches. 

In considering claims 1 1 and 25, although the system taught by Wobber 
discloses substantial features of the claimed invention, it fails to disclose writing a token 
for the user in the first memory over another token for another user that had last 
previous access to the resource. Nonetheless, Examiner takes official notice that 
overwriting information related to access rights in a network system is well known. 
Examiner takes further official notice that overwriting of data in a cache according to a 
least-recently-used algorithm is well known. Thus, given these well known network 
access functions, it would have been obvious to a person having ordinary skill in the art 
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to include the step of overwriting the least-recently-used tokens in the token cache in 
the system taught by Wobber, in order to open up storage space in the token cache in 
case the memory has become full. 

In considering claims 14 and 28, Wobber further discloses the request from the 
user indicating an operation to perform with respect to the resource (i.e. access the 
resource), and further comprising: 

checking the first memory (local cache 164) to determine if the user may perform 
the operation with respect to the resource (col. 7, lines 34-36); 

checking a second memory (local cache 160) to determine if the user may 
perform the operation with respect to the resource if the first memory does not indicate 
that the user may perform the operation with respect to the resource (col. 7, lines 39-40, 
44-45, 48-52); 

providing the user with access to the resource if the second memory indicates 
that the user may perform the operation with respect to the resource (col. 7, lines 50- 
60); and 

storing information in the first memory indicating that the user may perform the 
operation with respect to the resource if, after checking the second memory, the second 
memory indicates that the user may perform the operation with respect to the resource 
(col. 7, lines 58-63). 
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In considering claim 20, Wobber further discloses authorizing the user by 
checking a password (Auth ID) provided by the user; associating the token (Principal ID) 
with the user after authorizing the user; and using the token to check the first memory 
(col. 8, lines 1-30; col. 7, lines 55-62). 

In considering claims 29 and 30, Wobber further discloses: 

checking a second memory to determine if the user may access the resource if 
the first memory does not indicate that the user has previously accessed the resource 
(col. 7, lines 39-40, 44-45, 48-52); 

providing the user with access to the resource if the second memory indicates 
that the user may access the requested resource (col. 7, lines 50-60); and 

storing information in the first memory indicating that the user may access the 
resource if, after checking the second memory, the second memory indicates that the 
user may access the requested resource (col. 7, lines 58-63). 

In considering claim 32, Wobber further discloses performing a file open 
procedure upon the file in which are stored any access permissions of users for access 
to the requested resource to determine if the requesting user may access the requested 
resource if the memory does not indicate that the requesting user has previously 
accessed the requested resource (col. 7, line 64 - col. 8, line 22); and 
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providing the requesting user with access to the requested resource if the 
requested resource indicates that the requesting user may access the requested 
resource (col. 8, lines 23-30). 

In considering claim 33, Wobber further discloses storing information in the 
memory indicating that the user has previously accessed the requested resource (col. 8, 
lines 22-30). 

In considering claim 34, Wobber further discloses prior to checking the memory, 
performing a preliminary memory check to determine of the requesting use has 
previously accessed the computer network (col. 4, lines 37-65). 

In considering claim 35, Wobber further discloses a machine-readable program 
storage device embodying instructions executable by a computer to perform a method 
for providing access to a plurality of resources to a plurality of requesting users wherein 
access to each said resource is controlled by a network server having a network 
memory, the method comprising: 

receiving at the network server a resource request to access a requested 
resource of said plurality of resources from one said requesting user (col. 4, lines 9-30), 
wherein: 
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the network memory has stored therein which of said plurality of 
requesting users had accessed which of said plurality of resources (col. 7, lines 
34-36); and 

an access file has stored therein any access permissions of any users for 

access to the requested resource (col. 7, line 64 - col. 8, line 22); 

without opening the access file, checking the network memory to determine if the 
requesting user had accessed the requested resource (col. 7, lines 34-36); and 

if the requesting user had accessed the requested resource, opening the 
requested resource to provide access to the requesting user (col. 8, lines 31-35). 

However, Wobber does not explicitly disclose the steps of determining if (1) the 
requested resource is altered, or (2) a representation of the user has been removed 
from the first memory, or (3) any of the access permissions of the user for access to the 
requested resource are altered; and if any one of those three criteria is satisfied, then 
removing the relevant access permissions from the memory. Instead, Wobber 
proposes a time stamp for removing validity of the access rights from the cache (col. 6, 
lines 21-22). Nonetheless, Examiner takes official notice that removing user access 
rights to a network resource when the resource is altered, or when access permissions 
have changed is notoriously well known in the art. A person having ordinary skill in the 
art would have readily recognized the desirability and advantages of removing access 
permissions to the resources taught by Wobber not only when the time stamp expires, 
but also when the resources are altered or access rights have changed, in case the 
altered resources include classified information which should not be viewed by current 
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users, or the current users have been demoted from classified status and should no 
longer have access to classified information. Thus, it would have been obvious to a 
person having ordinary skill in the art to remove user access rights to the resources 
taught by Wobber when resources or access permissions are altered. 

In considering claim 36, Wobber further discloses when the requesting user had 
not previously accessed the requested resource: 

opening the access file; checking the access file to determine if the requesting 
user may have access to the requested resource; and if the check is affirmative, then 
providing said access (col. 7, line 64 - col. 8, line 22). 

In considering claim 37, Wobber discloses a resource access system comprising: 
a network, including a plurality of resources, for transmitting a resource request 
from a network user with access to the network for access to a requested resource of 
said plurality of resources (col. 4, lines 9-30); and 

a network server (node 102-1), in communication with the network, for: 
receiving the resource request (col. 7, lines 22-24); 
checking, without opening any of said plurality of resources, whether the 
network user's resource request had been previously granted (col. 7, lines 34- 
36); and 

granting said access if the check is affirmative (col. 8, lines 31-34). 
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However, Wobber does not explicitly disclose the steps of determining if (1) the 
requested resource is altered, or (2) a representation of the user has been removed 
from the first memory, or (3) any of the access permissions of the user for access to the 
requested resource are altered; and if any one of those three criteria is satisfied, then 
removing the relevant access permissions from the memory. Instead, Wobber 
proposes a time stamp for removing validity of the access rights from the cache (col. 6, 
lines 21 -22). Nonetheless, Examiner takes official notice that removing user access 
rights to a network resource when the resource is altered, or when access permissions 
have changed is notoriously well known in the art. A person having ordinary skill in the 
art would have readily recognized the desirability and advantages of removing access 
permissions to the resources taught by Wobber not only when the time stamp expires, 
but also when the resources are altered or access rights have changed, in case the 
altered resources include classified information which should not be viewed by current 
users, or the current users have been demoted from classified status and should no 
longer have access to classified information. Thus, it would have been obvious to a 
person having ordinary skill in the art to remove user access rights to the resources 
taught by Wobber when resources or access permissions are altered. 

In considering claim 38, Wobber further discloses that granting said access 
further comprises opening the requested resource for the network user to have said 
access to the requested resource (col. 8, lines 34-35). 
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In considering claim 39, Wobber discloses a program for a resource access 
system, the program being embodied on a computer-readable medium and executed on 
a server that provides access to resources on a network, the program comprising: a 
code segment to receive a resource request for access to one said resource from a 
user having access to the network (col. 7, lines 22-24); 

a code segment to check, without opening any of said resources on the network, 
whether the user had previously been granted access to the requested resource (col. 7, 
lines 34-36; and 



a code segment to grant said access if the check is affirmative (col. 8, lines 31- 

35). 



However, Wobber does not explicitly disclose code segments for determining if 
(1 ) the requested resource is altered, or (2) a representation of the user has been 
removed from the first memory, or (3) any of the access permissions of the user for 
access to the requested resource are altered; and if any one of those three criteria is 
satisfied, then removing the relevant access permissions from the memory. Instead, 
Wobber proposes a time stamp for removing validity of the access rights from the cache 
(col. 6, lines 21-22). Nonetheless, Examiner takes official notice that removing user 
access rights to a network resource when the resource is altered, or when access 
permissions have changed is notoriously well known in the art. A person having 
ordinary skill in the art would have readily recognized the desirability and advantages of 
removing access permissions to the resources taught by Wobber not only when the 
time stamp expires, but also when the resources are altered or access rights have 
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changed, in case the altered resources include classified information which should not 
be viewed by current users, or the current users have been demoted from classified 
status and should no longer have access to classified information. Thus, it would have 
been obvious to a person having ordinary skill in the art to remove user access rights to 
the resources taught by Wobber when resources or access permissions are altered. 

In considering claim 40, Wobber further discloses a code segment to open the 
requested resource for the user of the network to have said access to the requested 
resource if the check is affirmative (col. 8, lines 34-35). 

In considering claim 41 , Wobber discloses a method for controlling access to a 
requested resource on a computer network by a requesting user, the method 
comprising: 

checking a first memory, without opening the requested resource, to determine if 
the requesting user has previously accessed the network (col. 7, lines 34-36); and 
if the requesting user has previously accessed the network: 



checking a second memory, without opening the requested resource, to 
determine if the requesting user has previously accessed the requested resource (col. 
7, lines 48-52); 



providing the requesting user with access to the network (col. 8, lines 31- 



35); 
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if the requesting user has previously accessed the requested resource then 
providing the requesting user with access to the requested resource (col. 7, lines 52- 
63); and 

if the requesting user has not previously accessed the requested resource then 
opening the requested resource to determine if the requesting user may access the 
requested resource and if the requested resource indicates that the requesting user 
may access the requested resource then providing the requesting user with access to 
the requested resource (col. 7, line 64 - col. 8, line 22). 

However, Wobber does not explicitly disclose the steps of determining if (1) the 
requested resource is altered, or (2) a representation of the user has been removed 
from the second memory, or (3) any of the access permissions of the user for access to 
the requested resource are altered; and if any one of those three criteria is satisfied, 
then removing the relevant access permissions from the memory. Instead, Wobber 
proposes a time stamp for removing validity of the access rights from the cache (col. 6, 
lines 21-22). Nonetheless, Examiner takes official notice that removing user access 
rights to a network resource when the resource is altered, or when access permissions 
have changed is notoriously well known in the art. A person having ordinary skill in the 
art would have readily recognized the desirability and advantages of removing access 
permissions to the resources taught by Wobber not only when the time stamp expires, 
but also when the resources are altered or access rights have changed, in case the 
altered resources include classified information which should not be viewed by current 
users, or the current users have been demoted from classified status and should no 
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longer have access to classified information. Thus, it would have been obvious to a 
person having ordinary skill in the art to remove user access rights to the resources 
taught by Wobber when resources or access permissions are altered. 



In considering claim 42, Wobber further discloses a resource access 
determination method comprising: receiving a request for an access to a resource from 
a user having had said access; and deciding the request affirmatively based upon 
contents stored in a cache without opening the resource or contacting the user (col. 7, 
lines 22-24, 30-38; col. 8, lines 31-35). 

However, Wobber does not explicitly disclose the steps of determining if (1 ) the 
requested resource is altered, or (2) a representation of the user has been removed 
from the first memory, or (3) any of the access permissions of the user for access to the 
requested resource are altered; and if any one of those three criteria is satisfied, then 
removing the relevant access permissions from the memory. Instead, Wobber 
proposes a time stamp for removing validity of the access rights from the cache (col. 6, 
lines 21-22). Nonetheless, Examiner takes official notice that removing user access 
rights to a network resource when the resource is altered, or if access permissions have 
changed is notoriously well known in the art. A person having ordinary skill in the art 
would have readily recognized the desirability and advantages of removing access 
permissions to the resources taught by Wobber not only when the time stamp expires, 
but also when the resources are altered or access rights have changed, in case the 
altered resources include classified information which should not be viewed by current 
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users, or the current users have been demoted from classified status and should no 
longer have access to classified information. Thus, it would have been obvious to a 
person having ordinary skill in the art to remove user access rights to the resources 
taught by Wobber when resources or access permissions are altered. 

In considering claim 43, Wobber further discloses, prior to said receiving: 
receiving a request for an access to the resource from the user who had not previously 
accessed the resource; and obtaining any access privileges to the resource of the user 
without contacting the user (col. 7, line 64 - col. 8, line 22; col. 8, lines 38-44). 

In considering claim 44, Wobber discloses a resource access determination 
method comprising: 

receiving an initial request for an access to a resource from a user, and obtaining 
an access privilege of the user to the resource from a cache and without contacting the 
user (col. 7, line 64 - col. 8, line 22; col. 8, lines 38-44); and 

if the user had the access privilege to the resource: granting the initial request; 
receiving subsequent requests for subsequent accesses to the resource from the user; 
and granting each said subsequent request without: opening the resource; or contacting 
the user (col. 7, lines 22-38; col. 8, lines 31-35). 

However, Wobber does not explicitly disclose the steps of determining if (1) the 
requested resource is altered, or (2) a representation of the user has been removed 
from the first memory, or (3) any of the access permissions of the user for access to the 
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requested resource are altered; and if any one of those three criteria is satisfied, then 
removing the relevant access permissions from the memory. Instead, Wobber 
proposes a time stamp for removing validity of the access rights from the cache (col. 6, 
lines 21-22). Nonetheless, Examiner takes official notice that removing user access 
rights to a network resource when the resource is altered, or if access permissions have 
changed is notoriously well known in the art. A person having ordinary skill in the art 
would have readily recognized the desirability and advantages of removing access 
permissions to the resources taught by Wobber not only when the time stamp expires, 
but also when the resources are altered or access rights have changed, in case the 
altered resources include classified information which should not be viewed by current 
users, or the current users have been demoted from classified status and should no 
longer have access to classified information. Thus, it would have been obvious to a 
person having ordinary skill in the art to remove user access rights to the resources 
taught by Wobber when resources or access permissions are altered. 

In considering claim 45, Wobber further discloses that granting the initial request 
further comprises caching the result of said obtaining said access privilege of the user 
to the resource (col. 8, lines 23-30); and 

granting each said subsequent request further comprises comparing each said 
subsequent request with said cached result of said obtaining said access privilege of 
the user to the resource (col. 7, lines 34-48). 
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In considering claim 46, Wobber discloses a resource access determination 
method comprising: receiving a request for an access to a resource from a user having 
had said access; and deciding the request affirmatively based upon contents stored in a 
cache prior to contacting the user and without opening the resource (col. 7, lines 22-38; 
col. 8, lines 31-35). 

However, Wobber does not explicitly disclose the steps of determining if (1) the 
requested resource is altered, or (2) a representation of the user has been removed 
from the first memory, or (3) any of the access permissions of the user for access to the 
requested resource are altered; and if any one of those three criteria is satisfied, then 
removing the relevant access permissions from the memory. Instead, Wobber 
proposes a time stamp for removing validity of the access rights from the cache (col. 6, 
lines 21-22). Nonetheless, Examiner takes official notice that removing user access 
rights to a network resource when the resource is altered, or if access permissions have 
changed is notoriously well known in the art. A person having ordinary skill in the art 
would have readily recognized the desirability and advantages of removing access 
permissions to the resources taught by Wobber not only when the time stamp expires, 
but also when the resources are altered or access rights have changed, in case the 
altered resources include classified information which should not be viewed by current 
users, or the current users have been demoted from classified status and should no 
longer have access to classified information. Thus, it would have been obvious to a 
person having ordinary skill in the art to remove user access rights to the resources 
taught by Wobber when resources or access permissions are altered. 
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In considering claim 47, Wobber discloses in a system where resources are 
protected by access checks that are performed to confirm that a user meets any 
requirements for access to a particular resource, and where an access check is 
performed the first time that the user requests access to the particular resource to 
confirm that the user meets any requirements for access to the particular resource, a 
method for determining whether the user should have access to the particular resource 
(col. 4, lines 9-30; col. 8, lines 1-22), the method comprising: 

receiving a request from a user for access to a resource; checking the results of 
previous access request checks, which results are stored in a memory cache, to 
determine if the user has previously been allowed access to the resource; if the user 
has previously been allowed access to the resource, then allowing access to the 
resource without performing an access check (col. 7, lines 22-38; col. 8, lines 31-35). 

However, Wobber does not explicitly disclose the steps of determining if (1) the 
requested resource is altered, or (2) a representation of the user has been removed 
from the first memory, or (3) any of the access permissions of the user for access to the 
requested resource are altered; and if any one of those three criteria is satisfied, then 
removing the relevant access permissions from the memory. Instead, Wobber 
proposes a time stamp for removing validity of the access rights from the cache (col. 6, 
lines 21-22). Nonetheless, Examiner takes official notice that removing user access 
rights to a network resource when the resource is altered, or if access permissions have 
changed is notoriously well known in the art. A person having ordinary skill in the art 
would have readily recognized the desirability and advantages of removing access 
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permissions to the resources taught by Wobber not only when the time stamp expires, 
but also when the resources are altered or access rights have changed, in case the 
altered resources include classified information which should not be viewed by current 
users, or the current users have been demoted from classified status and should no 
longer have access to classified information. Thus, it would have been obvious to a 
person having ordinary skill in the art to remove user access rights to the resources 
taught by Wobber when resources or access permissions are altered. 

In considering claim 48, Wobber further discloses that the results of previous 
access request checks are cached in a cache (col. 8, lines 23-30). 

In considering claim 49, Wobber discloses in a system where resources are 
protected by access checks that are performed to confirm that a user meets any 
requirements for access to a particular resource, where the requirements for each user 
to access each resource are stored in an access file, where an access check is 
performed the first time that the user requests access to the particular resource to 
confirm that the user meets any requirements for access to the particular resource, and 
where the access check that is performed the first time that the user requests access to 
the particular resource includes performing a file opening procedure upon the access 
file to determine the requirements for the user to access the particular resource (col. 7, 
line 64 - col. 8, line 22), a method for determining whether the user should have access 
to the particular resource, the method comprising: 
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receiving a request from a user for access to a resource (col. 7, lines 22-24); 

checking the results of previous access request checks, which results are stored 
in a memory cache, without opening the access file, to determine if the user has 
previously been allowed access to the resource (col. 7, lines 34-36); and 

if the user has previously been allowed access to the resource, then allowing 
access to the resource without performing an access check (col. 8, lines 31-35). 

However, Wobber does not explicitly disclose the steps of determining if (1) the 
requested resource is altered, or (2) a representation of the user has been removed 
from the first memory, or (3) any of the access permissions of the user for access to the 
requested resource are altered; and if any one of those three criteria is satisfied, then 
removing the relevant access permissions from the memory. Instead, Wobber 
proposes a time stamp for removing validity of the access rights from the cache (col. 6, 
lines 21-22). Nonetheless, Examiner takes official notice that removing user access 
rights to a network resource when the resource is altered, or if access permissions have 
changed is notoriously well known in the art. A person having ordinary skill in the art 
would have readily recognized the desirability and advantages of removing access 
permissions to the resources taught by Wobber not only when the time stamp expires, 
but also when the resources are altered or access rights have changed, in case the 
altered resources include classified information which should not be viewed by current 
users, or the current users have been demoted from classified status and should no 
longer have access to classified information. Thus, it would have been obvious to a 
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person having ordinary skill in the art to remove user access rights to the resources 
taught by Wobber when resources or access permissions are altered. 

4. Claims 4, 5, 18, and 19 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Wobber, in view of Carlson et al. (U.S. Patent No. 5,506,961 , 
hereinafter "Carlson"). 

In considering claims 4, 5, 18, and 19, although the system taught by Wobber 
discloses substantial features of the claimed invention, it fails to disclose that the token 
also represents anonymous users and/or a plurality of other users. Nonetheless, it is 
well known for multiple users of a networked system to maintain the same tokens (thus 
remaining anonymous) for user access to a resource, as evidenced by Carlson. In a 
similar art, Carlson teaches an access rights system that uses tokens to signify access 
rights of users to a network, wherein single tokens can identify a group of users (thus 
rendering the users anonymous; col. 8, line 63 - col. 9, line 5). Thus, given the 
teaching of Carlson, a person having ordinary skill in the art would have readily 
recognized the desirability of representing multiple users with the same anonymous 
token to decrease the number of entries and amount of data in the cache, thus 
speeding up the cache look-up time. Therefore, it would have been obvious to 
represent a plurality of users in the system taught by Wobber with the same token, as 
suggested by Carlson. 
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Response to Arguments 



Applicant's arguments with respect to the claims have been considered but are 
not persuasive. 

In particular, Applicant contends the following, regarding the previous rejection of 

claims 12-13 and 26-27 (which have now been incorporated into each of the 

independent claims): 

In making the obviousness rejection the Office Action substitutes 
the limitations of Claims 12-13, and 26-27 with Official Notice. Applicants 
respectfully submit that the rejection fails to give proper weight to the 
limitations, especially since these limitations are missing from the prior art 
of record. Moreover, these assertions of obviousness are not otherwise 
supported by way of prior art citation, stated scientific theory, basis for 
common knowledge in the art, or cited legal precedent. 

All of this is true. However, the reason for taking official notice is specifically for 

the situation that Applicant has stated, i.e., where the assertions of obviousness are not 

otherwise supported by way of prior art citation, scientific theory, basis for common 

knowledge in the art, or cited legal precedent. The examiner may take official notice of 

facts outside of the record which are capable of instant and unquestionable 

demonstration as being "well-known" in the art. See MPEP 2144.03. Examiner has 

taken official notice because the claimed steps of checking if a resource or access 

rights to a resource have been altered, and if so, then removing indications allowing 

access to the resource, are notoriously well known in the art. For instance, if a 

corporate server stores access rights regarding the company's employees, and one of 

the employees leaves the company, it would be customary to remove the system 

access rights relating to that employee. In another example, if a particular resource, 
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such as a group printer, is removed from the system, and certain employees had 
access to that printer, it would be obvious to remove any access rights relating to that 
printer from the system to get rid of incorrect and extraneous stored information. Or, if 
an employee is demoted from a manager status to a lower status, and the manager 
position allows greater access to company information, it would again be obvious to 
remove the access rights regarding that employee so that the employee can no longer 
access resources that he or she is no longer privileged to access. 

Applicant has not traversed Examiner's assertions of Official Notice, and has not 
requested that the Examiner supply additional information in support of the statements 
made regarding Official Notice for any of the claims. To adequately traverse such a 
finding, an applicant must specifically point out the supposed errors in the examiner's 
action, which would include stating why the noticed fact is not considered to be common 
knowledge or well-known in the art. See 37 CFR 1 .1 1 1(b). See also In re Chevenard, 
139 F.2d 71 1 , 71 3, 60 USPQ 239, 241 . Thus, because Applicant has failed to traverse 
any of Examiner's assertions of Official Notice as presented in the previous office 
action, the well-known in the art statements made by Examiner in the previous office 
action are taken to be admitted prior art. See MPEP 2144.03. See also Chevenard, 
1 39 F.2d at 71 3, 60 USPQ at 241 . 
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Conclusion 



The prior art made of record but not relied upon is considered pertinent to 
Applicant's disclosure. 

Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Bradley Edelman whose telephone number is (703) 306- 
3041 . The examiner can normally be reached on Monday to Friday from 8:30 AM to 
5:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examinees 
supervisor, Glen Burgess, can be reached on (703) 305-4792. The fax phone number 
for the organization where this application or proceeding is assigned is (703) 305-7201 . 



* • 

Application/Control Number: 09/224,91 8 Page 29 

Art Unit: 2153 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is (703) 308- 
3900. 
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